[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] [root access with ProFTPD]

Subject: Re: [cobalt-users] [root access with ProFTPD]
From: "Carrie Bartkowiak" <ravencarrie@xxxxxxxx>
Date: Sun Mar 25 19:01:10 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> >Maybe you would first need to upload the files as 'admin' then use
ssh to
> >login as 'admin' and then su to root and there you go.

Just expanding on that a little:
To get the file initially, you'd need to login as admin, type
su -
and give your root password (the same as admin's unless you've changed
it - I highly recommend changing it), then copy the file to your admin
folder
cp filename /home/sites/home/users/admin/filename
move to the admin's folder
cd /home/sites/home/users/admin
and give the admin rights to download the *copied* version
chown admin filename
Download via ftp, edit in a PLAIN-TEXT editor, upload it back and as
root, copy it over the existing file. Make sure you backup the
original file first
cp filename filename.old
and delete the *copied version* in the admin's folder so that if
someone cracks open admin's password they can't browse through the
copied files you've got there.
rm filename

> If he's wanting to do this on a file by file basis.. perhaps due to
being uncomfortable working in the linux text editors, a "sort-of"
safer work around is to go in as su *via SSH* cd to the directory
where the file is-  chown newowner filename.ext -change owner to his
ftp username (assuming that's the server "admin")... then make his
file changes via whatever means he's comfortable with.. upload the
file and then go back in and chown it back to root...
>
> Maybe not the safest route but only that one file will be vulnerable
while the ownership is changed..

I did that for a while at the start, too.
Both of these methods are really *not* secure, though; and even though
things are insecure for only a few seconds, that could be enough if
someone's watching what you're doing. (Especially if you post to the
list that you are currently using one of these methods - they'll know
to watch you.)

VI is one of the editors that you can use through telnet to make
changes to files. Some users find it to be a bi*** of a program
though, and it does take some getting used to. To view a file in vi,
just go to that directory and type
vi filename
PICO is a much easier editor and simple to use. All of the commands
are right at the bottom of the screen. Make sure that for files that
go way off the side of the screen, if you edit one of those lines it
will bounce the remainder down to the next line. You'll need to go to
the end of the line you're working on and hit the delete button one
time to pull the rest of the line back up there. Don't leave lines
broken like that or you'll break things in the system. To view/edit a
file with pico, just type
pico filename
Note: for either of these, it's best to be root - you have to be
whatever owner the file is or root. Again, don't forget to backup the
file first with the copy command I gave you above.

After you use pico two or three times you'll stop ftp-ing things down
to your own machine. It's really *much* faster to just go in through a
shell prompt and edit what you need, then get out.

CarrieB

References:
- Re: [cobalt-users] [root access with ProFTPD]
  - From: Wayne Sagar

Prev by Date: [cobalt-users] emails are only valid at @www.mydomain.com(2)
Next by Date: RE: [cobalt-users] regarding named running as root after pkg update...
Previous by thread: Re: [cobalt-users] [root access with ProFTPD]
Next by thread: Re: [cobalt-users] [root access with ProFTPD]

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index